CVE-2023-24955

🗓️ 09 May 2023 17:03:01Reported by microsoftType

cve🔗 web.nvd.nist.gov📰️ 9 Media mentions👁 412 Views🌐 WEB

Microsoft SharePoint Server Remote Code Execution Vulnerabilit

Reporter	Title	Published	Views	Family All 46
0day.today	Sharepoint Dynamic Proxy Generator Remote Command Execution Exploit	27 Mar 202400:00	–	zdt
GithubExploit	Exploit for Incorrect Implementation of Authentication Algorithm in Microsoft	26 Sep 202316:18	–	githubexploit
GithubExploit	Exploit for Incorrect Implementation of Authentication Algorithm in Microsoft	30 Sep 202323:17	–	githubexploit
GithubExploit	Exploit for Code Injection in Microsoft	28 Dec 202309:08	–	githubexploit
ATTACKERKB	CVE-2023-24955	9 May 202300:00	–	attackerkb
Information Security Automation	Microsoft Patch Tuesday May 2023: Microsoft Edge, BlackLotus Secure Boot SFB, OLE RCE, Win32k EoP, NFS RCE, PGM RCE, LDAP RCE, SharePoint RCE	27 May 202322:39	–	avleonov
BDU FSTEC	The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, and Microsoft SharePoint Enterprise Server packages allows a perpetrator to execute arbitrary code.	15 May 202300:00	–	bdu_fstec
Circl	CVE-2023-24955	9 May 202322:44	–	circl
CISA KEV Catalog	Microsoft SharePoint Server Code Injection Vulnerability	26 Mar 202400:00	–	cisa_kev
CISA	CISA Adds One Known Exploited Vulnerability to Catalog	26 Mar 202412:00	–	cisa

NVD

Vulners

CNA

Node

microsoft sharepoint_enterprise_serverMatch2016

microsoft sharepoint_serverMatch-subscription

microsoft sharepoint_serverMatch2019

[
  {
    "vendor": "Microsoft",
    "product": "Microsoft SharePoint Enterprise Server 2016",
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "16.0.0",
        "lessThan": "16.0.5395.1000",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft SharePoint Server 2019",
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "16.0.0",
        "lessThan": "16.0.10398.20000",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft SharePoint Server Subscription Edition",
    "platforms": [
      "x64-based Systems"
    ],
    "versions": [
      {
        "version": "16.0.0",
        "lessThan": "16.0.16130.20420",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24955
cisa	www.cisa.gov/known-exploited-vulnerabilities-catalog

Parameter	Position	Path	Description	CWE
Authorization	header	_api/web/siteusers	Authentication bypass attempt against SharePoint REST API endpoints via forged JWT (alg:none) to access site users data.	CWE-94
X-PROOF_TOKEN	header	_api/web/siteusers	Authentication bypass attempt against SharePoint REST API endpoints via forged JWT (alg:none) to access site users data.	CWE-94
Authorization	header	_api/web/currentuser	Post-bypass access to current user endpoint to enumerate or verify admin privileges within SharePoint after authentication bypass.	CWE-94
X-PROOF_TOKEN	header	_api/web/currentuser	Post-bypass access to current user endpoint to enumerate or verify admin privileges within SharePoint after authentication bypass.	CWE-94

17 Jun 2026 05:40Current

8.6High risk

Vulners AI Score8.6

CVSS 3.17.2

EPSS0.85395

SSVC